5 Months After the Hurricanes, the World Must Do More to Reconnect the Caribbean

2017 was one of the most active hurricane seasons in the Caribbean on record. Five months after the major storms Irma and Marie devastated parts of the Caribbean, there are still far too many people without access to the Internet and everything it offers. In our view, this is unacceptable. Today we published a snapshot of the current situation from the region in a new document, Report from the Field: Post-Hurricane Connectivity in the Caribbean.

The international response to this natural disaster has been mixed at best, and while several entities reached out to the region, a number of challenges impeded smooth and rapid assistance, such as lack of coordination. In some instances, the response from authorities has been either slow or insufficient, or both. The current reality that parts of the Caribbean are still without Internet connectivity this long after the hurricanes wrought their damage is a clear indication that the world’s response to this disaster has fallen short. The robustness of the telecommunications’ infrastructures in certain countries, which form the basis for Internet services, can also be questioned.

The world has the resources to do more.

We ask governments, businesses, educational institutions, NGOs and others, both in the region and around the world, to join together with renewed determination and commitment to reconnect the Caribbean – and to build a more resilient infrastructure that will help the region recover more quickly from the next round of hurricanes.

We believe that the reaction from governments should not be limited by political differences or formal barriers. People’s lives, pains and opportunities demand immediate action and all actors must work together to ensure that the response in future cases is timely and appropriate. It is simply unacceptable that so many people are still without both Internet access and electricity. It’s time to refocus and reaffirm our collective commitment to the Caribbean region.

The Internet Society will lead by example by doing the following:

  1. Partnering with entities that are looking how to enhance telecommunications and internet infrastructure resiliency. As part of this the Internet Society has been accepted as a member of the Commission for Caribbean Network Resilience charted by the CTU. Based on my telecom and Internet policy expertise, I will be joining as our representative.
  2. Partnering with Caribbean organizations focused on telecom infrastructure. In particular we look forward to working with CANTO’s Natural Disaster Committee.
  3. Developing a Disaster Relief Fund as part of our Beyond The Net funding program. This new program will enable Internet Society Chapters in affected regions after a natural disaster to apply for funds for projects that restore Internet connectivity. We will be announcing more information during the weeks ahead.
  4. Engaging our community in this effort. We will ask our Chapters, Organizational Members and individual members to join with us to make this a reality.

I will be attending the CANTO Annual General Meeting next week (4-6 February 2018) in Trinidad & Tobago where I look forward to discussing these ideas with many attendees.

At the Internet Society, we believe that the economic, social, education and communication opportunities made possible by the Internet are critical to our society today. We believe that Internet outages, either by natural disasters or government shutdowns, harm the people in the region and connectivity must be restored as soon as possible. Beyond that, Internet infrastructure must be made as resilient as possible to stand up as much as possible to these kinds of events.

We look forward to working with our members and partners to bring about a reconnected and more resilient Caribbean region. We are planning several activities over the next few months and will be posting updates and more information to this page:

https://www.internetsociety.org/reconnect-the-caribbean/

Please do share our new report and do all you can to help #ReconnectTheCaribbean.


Image credit:  © Commonwealth Secretariat on Flickr – CC BY-NC 2.0

The post 5 Months After the Hurricanes, the World Must Do More to Reconnect the Caribbean appeared first on Internet Society.

Internet Society

BrickerBot creator Janit0r ‘retires’ after bricking over 10 million IoT devices

BrickerBot creator Janit0r has retired

Alleged Brickerbot creator Janit0R stands down from hectic career of compromising IoT devices. 

Janit0r, the alleged creator of BrickerBot, a piece of malware designed to damage insecure IoT devices so severely that they become redundant, has apparently retired, but not before claiming to have ‘bricked’ over 10 million IoT devices in his recent career.

The resignation letter came in the form of an email to computer help site, Bleeping Computer. Earlier in the year, the person behind the ‘Janit0r’ nickname, a self-professed ‘grey hat’ hacker, claimed that they invented the malware strain to brick IoT devices as a sort of ‘internet chemotherapy’, which could be used to damage vulnerable devices before they got infected with the Mirai malware.

Read more: BrickerBot ‘creator’ claims two million IoT devices have been destroyed

A brief history of Brickerbot

The Brickerbot malware was first detected in April this year. It works by searching the internet for vulnerable IoT devices, and then using exploit code to breach the equipment and rewrite the device’s flash storage with alternative data. This leaves many devices having to be reinstalled or even replaced altogether as the malware can even rewrite the firmware on the device.

Its author has claimed in several emails to have been behind many attacks and outages across the world, including ones against US and Indian internet service providers. However, the supposed perpetrator sent an email to Bleeping Computer announcing his sudden retirement.

They claim to be ‘retiring’ because although the project had been a technical success, they were worried that it was also having a “deleterious effect on the public’s perception of the overall IoT threat”.

“Researchers keep issuing high-profile warnings about genuinely dangerous new botnets, and a few weeks or even days later, they are all but gone. Sooner or later, people are going to start questioning the credibility of the research and the seriousness of the situation,” Janit0r wrote, pointing to the cases of the Persirai, Hajime and Reaper botnets.

Read more: European Parliament pushes on IoT device security and interoperability

Progress  made, but not enough

Janit0r added that while there had been some progress over the past year, with proposals for new security standards,  people, organizations and governments were still not doing enough or moving quickly enough. “We’re running out of time,” they added.

“Because of this, I’ve decided to make a public appeal regarding the severity of the situation. Taking credit for all the carnage of the past year has serious downsides for me and my mission… However I also recognize that if I keep doing what I’m doing, then people of influence may simply perceive the IoT security disaster as less urgent, when in reality they should consider it an emergency requiring immediate action,” they stated.

Operators of IoT DDoS botnets were taking precautions against BrickerBot, and this made Janit0r’s work even more challenging, they said, and they are wary of legal repercussions.

 

“There’s also only so long that I can keep doing something like this before the government types are able to correlate my likely network routes (I have already been active for far too long to remain safe),” Janit0r wrote.

“For a while now my worst-case scenario hasn’t been going to jail, but simply vanishing in the middle of the night as soon as some unpleasant government figures out who I am.”

Read more: Reaper IoT botnet proves less virulent than expected

Severe disruption ahead

As well as advising users to take sanctions against vendors that do not deliver security updates efficiently, the BrickerBot author suggested that ISPs use tools like Shodan to audit their networks and isolate ports and services that don’t need to be online. The internet, they warned, “is only one or two serious IoT exploits away from being severely disrupted”.

Ian Hughes, IoT analyst at IT advisory firm 451 Research, acknowledged that IoT security is a significant concern, but warned that companies are mainly paying attention to security holes when a public release of information forces the issue.

“A more credible approach is offering a bounty or proper reporting scheme to have problems raised and acted upon. The IT industry is full of examples of problems found and ignored, or attempted to be hidden, until they are made public, and IoT continues that unfortunate tradition,” he said.

Read more: Andromeda IoT botnet dismantled by international cyber taskforce

 

The post BrickerBot creator Janit0r ‘retires’ after bricking over 10 million IoT devices appeared first on Internet of Business.

Internet of Business

Apple reclaims top spot in wearable band market after strong Q3

Apple has retaken the lead in the wearable band market thanks to the release of the Apple Watch Series 3, according to the latest industry figures from Canalys.

“Strong demand for the LTE-enabled Apple Watch Series 3 has dispelled service providers’ doubts about the cellular smartwatch not appealing to customers,” said Jason Low, Canalys analyst, with the company adding that 800,000 Apple Watch units shipped in Q317 were cellular-enabled.

However, the release did face its set of setbacks as demand outpaced supply in major markets, thus hindering it from reaching its full potential in Q3. Low added: “In China, customers with high expectations are being driven away by the service disruption fiasco in the country. Besides bringing in more stock, operators should work on improving their remote service provisioning systems to cater for the expected higher demand in Q4/2017.”

Speaking about the trends in the smartwatch segment, Mo Jia, Canalys Research Analyst, said: “While health features continue to be the core focus, vendors are striving to increase the value of smartwatches by prioritising design and highlighting key features. Apple and Samsung are increasing user stickiness and brand loyalty by adopting an ecosystem strategy, which includes wearables and audio accessories. Smartphone vendors must re-evaluate their respective smartwatch strategies to derive more value beyond smartphone growth.”

With new smartwatches coming with enhanced health-tracking features, longer battery life, better and slimmer designs, vendors are anticipating stronger Q4/2017 performance for the market.

Analyst firm Tractica, in itS recently released report, “Wearable Device Market Forecasts”, predicted that the annual wearable device shipments will increase from 118 million units in 2016 to 430 million units by 2022, representing a CAGR of 24.1%. As per the report, by the end of 2022, smartwatches will have become the largest wearable device category, followed closely by fitness trackers and body sensors.

iottechnews.com: Latest from the homepage

Restoring Trust After a Scandal

At the end of 2016, Stockholm-based Telia Co. AB — a telecommunications company with more than $ 9.6 billion in revenues (2016) and 21,000 employees — was recovering from a five-year-old bribery scandal that ultimately resulted in $ 965 million in fines, the resignation of the company’s CEO, the removal of board members, shareholder divestments, and lost public trust.

As the company finalized its latest annual report, Telia’s CEO Johan Dennelind was deciding whether to recommend to the board of directors that they include a bold statement about the company’s ongoing commitment to sustainable business practices. Such a statement had been made by only one other company in the world. It was not immediately clear whether the risks of including such a statement were worth the reward.

The Scandal

In 2012, investigative journalists in Sweden alleged that Telia had paid bribes to the daughter of the president of Uzbekistan to secure a license to operate in that country. After receiving heavy criticism in the media and from its owners and the general public, Telia called on local law firm Mannheimer Swartling to determine the truth behind the journalists’ allegations. While the review did not conclude that bribery had taken place, it did conclude that the company’s own ethical guidelines had been violated.

The CEO resigned the day the review was presented, and a few months later, most of the board of directors was replaced. Several senior executives, including the CFO, former acting CEO, and the former head of the Eurasia business unit, were dismissed in the following months. Lack of confidence in the company’s risk management led to several large Swedish owners divesting, and removing the company from various ethical mutual funds.

Initial Steps to Recovery

In September 2013, a new management team led by Dennelind (previously at Vodacom Group Ltd.) was brought in. After an extensive strategic review, the company decided to exit its business in Eurasia and focus its operations in the Nordic and Baltic regions.

“It is our belief that it is possible to do business in Eurasia, which is both profitable and sustainable — but it is important to enter markets in a correct way,” says Dennelind. Reflecting on mistakes made in Eurasia, he states that, “This was not surprising given how the company was managed in the past. There was no compliance officer nor ‘speak-up-line.’ There was only one sustainability person, and there was no stakeholder management agenda.”

The new management team and the board of directors quickly realized that the crisis was broader than the problems in Uzbekistan; a much larger and longer-term change program was required to regain the trust of the market and investors. Dennelind and his team set about building a sustainable corporate strategy that took account of the needs of its major stakeholders, starting with its 21,000 employees.

Telia developed a long-term-oriented, sustainable corporate strategy based on two elements: an “all-in strategy for shared value creation” and a set of “responsible business programs to ensure sustainable operations and ethical business practices.” Both objectives aimed to build the company’s purpose into the fabric of the organization, so that all employees truly understood Telia’s role in the societies where it operates.

This strategy was aligned with several UN Sustainable Development Goals (SDGs), especially SDG3: Good health and well-being; SDG4: Quality education; SDG9: Industry, innovation, and infrastructure; and SDG13: Climate action. The company also committed to several international principles and charters.

Responsibility for the company’s commitments was embraced at the highest levels of the organization. The new chair of the board of directors, Marie Ehrling, assumed direct responsibility for oversight of the elements and commitments at the core of the company’s sustainable strategy, and the board took responsibility for material sustainability issues through its Sustainability and Ethics Committee and Audit Committee.

Communicating the Strategy

With its new strategy and governance structure in place, Telia executives sought a new approach to its external reporting. Henrik Weinestedt, sustainability director/corporate development, noted that, “We can’t say we’re running a responsible business and have separate financial and sustainability reports. It’s a credibility issue.” However, he also recognized that doing integrated reporting properly was a difficult step, so the company started with a more modest “combined report” in 2014. Weinestedt saw this as a way to communicate to investors, the primary audience of the report, how the company was “moving from a corporate strategy with sustainability programs to a sustainable strategy.”

By the end of 2016, Dennelind and Telia general counsel Jonas Bengtsson were considering how to demonstrate to stakeholders Telia’s commitment to principled business practices. They discussed whether to include in the company’s annual report a formal statement of materiality and significant audiences — aka The Statement, a short document that puts the company’s pursuit of profits and shareholder value into the broader context of Telia’s engagement with stakeholders and society.

Weinestedt knew that another Swedish company, Atlas Copco was the first company to issue such a statement. Dennelind agreed that The Statement would be a natural extension of their strategy, but he wondered, “What does this mean formally? What risks are we taking in producing such a statement?” Bengtsson was initially dubious, as was Telia’s CFO; but Bengtsson overcame his doubts, reflecting that:

The purpose of a corporation is to generate profit for shareholders. But the more I understood the idea of the statement, the less concerned I was about it. The board and management have the right and obligation to think about how profit is generated in a sustainable way. The statement is a very clear and straightforward discussion of how we aim to run our business anyway.

Bengtsson subsequently discussed this idea with his counterparts at other major Swedish companies. He concluded that The Statement was a “modern interpretation of the Swedish Companies Act” and represented “an evolution, not a revolution” in terms of company commitments and their communication to stakeholders. His interpretation was supported by Mannheimer Swartling, which had analyzed whether The Statement fit with Swedish law.

The board agreed, and signed off on the 360-word Statement of Materiality and Significant Audiences that was included in the company’s 2016 Annual and Sustainability Report. The Statement noted that “[it] is Telia Co.’s firm belief that the best way of ensuring sustainable growth and profitability is by integrating sustainable, responsible business practices into all parts of business and strategy, to create long-term shared value for the company, its stakeholders, and society.” The statement also identified its major stakeholders, the importance of engagement with them, and the importance of the company’s contributions to the SDGs. According to Anne Larilahti, VP and head of group sustainability, “The statement simply made more formal what we were already doing.”

Looking forward, Dennelind hoped that Telia’s step in issuing The Statement would help encourage other Swedish companies, as well as companies around the world. “I believe that the statement can play an important role in helping the board to establish guidance for executive management on creating a sustainable corporate strategy in a world of changing expectations about the role of companies in society.”


MIT Sloan Management Review

Nest goes after Ring and home security players with latest updates

Nest, the Alphabet-owned smart home automation provider, has issued a variety of roadmap and product updates around home security.

Among the products, as part of an overall home security solution, is a secure alarm system, an outdoor security camera, as well as a video doorbell system.

The move is the “next phase” of Nest’s strategy to “create the thoughtful home,” in the words of CEO Marwan Fawaz. “Today we’re disrupting yet another product industry: home security,” he said in a statement. “By building product experiences our customers love, Nest has experienced more than 60% growth on devices shipped in recent years and continues to expand to millions of homes around the world.”

The company cites a survey from Nationwide in 2013 which found 43% of people who own alarm systems never arm them, and according to Matt Rogers, Nest founder and chief product officer, this served as inspiration to change the market in the same way Nest has tried to change the smart thermostat market.

Nest Secure is therefore marketed as the ‘first alarm system that is actually enjoyable to live with’, as the company puts it. Through a variety of different products, from Detect, a sensor that detects both motion and open or close movement, to Tag, a fob that will allow users to arm and disarm Secure without a passcode, the product aims to relate to different routines various members of the home will have.

With Nest Hello on the other hand, the target in the company’s sights appears to be Ring, the Santa Monica-based company which provides security cameras, accessories, and – of course – video doorbells. Nest Hello can “detect a person, then send an alert and a snapshot, even if that person doesn’t ring the bell,” the company said.

Pricing for the Nest Secure starter pack, including Nest Guard, two Nest Detects and two Nest Tags, will be at the recommended retail price of $ 499. You can read the full announcements here.

Picture credit: Nest

iottechnews.com: Latest from the homepage